<?php

	require_once('../inc/fen_fns.php');

	sec_session_start();
	
	$form_values = $_POST;
	
	if(login_check($mysqli, '>', '100') == true) {
	
		require_once('../inc/class.phpmailer.php');
		//include("class.smtp.php"); // optional, gets called from within class.phpmailer.php if not already loaded
		
		
		
		foreach($form_values as $x=>$x_value)
		{	
			$six_digit_random_number = mt_rand(100000, 999999);
			//$six_digit_random_number = "fed2023";
			$password = hash('sha512', $six_digit_random_number);
			
			// Create a random salt
			$random_salt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
			// Create salted password (Careful not to over season)
			$password = hash('sha512', $password.$random_salt);
			
			
			$delete = substr($x_value,2);
			$query = $_DB->Query("update fen_members set password = '$password', salt = '$random_salt'
								WHERE id = '$x_value'");
			
			$query = $_DB->Query("SELECT name, surname, username, email FROM fen_members where id = '$x_value'");
					
			$mail = new PHPMailer(true); // the true param means it will throw exceptions on errors, which we need to catch
			
			$mail->IsSMTP(); // telling the class to use SMTP
			$body = "Sayın ".$_DB->GetResultValue($query, "0", "name")." ".$_DB->GetResultValue($query, "0", "surname").",<br><br>	
					BUZEB Elektronik Bilgi Sistemi şifreniz sıfırlanmıştır.<br><br>
					Yeni şifreniz: <b>".$six_digit_random_number."</b><br><br>
					<b>".$_DB->GetResultValue($query, "0", "username")."</b> kullanıcı adınız ve yeni şifreniz ile sisteme hemen giriş yapmak için lütfen
					<a href=\"http://buzeb.bahcesehir.edu.tr/fen\">tıklayınız</a>.<br><br>
					BUZEB";
			
			try {
				$mail->Host       = "email-smtp.us-east-1.amazonaws.com"; // SMTP server
				$mail->SMTPAuth = true;
				$mail->SMTPSecure = "tls";
				$mail->Port     = '25';
				$mail->Timeout  = '60';
				$mail->CharSet = 'UTF-8';
				// $mail->SMTPDebug  = 2;                     // enables SMTP debug information (for testing)
				$mail->Username   = "AKIAJJ5P2CPVSTBY4YPQ"; // SMTP account username
				$mail->Password   = "Aim/pUv1c9npGYoYBwte6+Q3sfGQCMhGKADllGTakQ+C";        // SMTP account password
				$mail->AddAddress($_DB->GetResultValue($query, "0", "email"), $_DB->GetResultValue($query, "0", "name"));
				$mail->From = 'buzeb@bahcesehir.edu.tr';
				$mail->SetFrom('buzeb@bahcesehir.edu.tr', 'buzeb@bahcesehir.edu.tr');
				$mail->AddReplyTo('buzeb@bahcesehir.edu.tr', 'buzeb@bahcesehir.edu.tr');
				$mail->Subject = 'BUZEB Elektronik Bilgi Sistemi Şifre Sıfırlama';
				$mail->AltBody = 'To view the message, please use an HTML compatible email viewer!'; // optional - MsgHTML will create an alternate automatically
				//$mail->MsgHTML(file_get_contents('contents.html'));
				$mail->MsgHTML($body);
				$mail->Send();
				//echo "Message Sent OK</p>\n";
			} catch (phpmailerException $e) {
				echo $e->errorMessage(); //Pretty error messages from PHPMailer
			} catch (Exception $e) {
				echo $e->getMessage(); //Boring error messages from anything else!
			}
			
		}
	
	} else {
		header('Location: ./index.php?error=2');
	}

	
